Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/grHqsCHy6ega1pRnDCHTGM--V5M.roa
File: grHqsCHy6ega1pRnDCHTGM--V5M.roa (raw, json)
Hash identifier: lZMRmHRAYJ+sqxjighLpaidH0BwyDBeZNTGhauq0iRQ=
Subject key identifier: 82:B1:EA:B0:21:F2:E9:E8:1A:D6:94:67:0C:21:D3:18:CF:BE:57:93
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 018B1E25A346C680ED9D08C7BBC4573AF2B4
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/grHqsCHy6ega1pRnDCHTGM--V5M.roa
Signing time: Wed 11 Oct 2023 09:51:04 +0000
ROA not before: Wed 11 Oct 2023 09:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216444
IP address blocks: 5.199.164.0/22 maxlen: 32
2a02:ae00:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:25:a3:46:c6:80:ed:9d:08:c7:bb:c4:57:3a:f2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Oct 11 09:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b1eab021f2e9e81ad694670c21d318cfbe5793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a5:72:7e:bf:2d:c5:5c:3b:36:72:15:8d:81:
1d:7f:d0:7b:49:6b:01:5a:a2:9c:35:6f:f8:48:d3:
b5:50:c0:04:a5:6f:0f:e8:06:ed:82:c1:e3:0e:bb:
c5:39:91:ea:b0:82:e8:a9:2d:84:a2:7e:70:e1:1a:
b4:b5:9b:47:7a:98:59:a9:64:f7:a7:0a:4b:8f:ee:
79:90:6a:7d:93:d2:5d:a8:89:60:43:a1:7b:bd:f2:
da:ab:9b:0a:20:31:b0:68:d7:60:d2:71:d9:a2:f9:
cc:da:c9:a9:65:17:7f:c6:43:82:af:90:34:5a:30:
ce:e3:32:19:4c:cf:c9:32:50:1c:b2:fc:ce:05:2b:
ac:94:2a:50:e6:7d:e3:d4:52:1d:21:5c:e3:ae:e6:
d6:d2:8b:a9:ad:c9:77:f2:e7:43:02:e7:36:d5:fe:
40:4f:e6:c4:41:d0:d2:89:fb:ab:51:39:92:1a:69:
72:23:e9:c9:53:c0:b7:db:e0:18:13:2e:7d:ff:ee:
04:17:cd:60:b9:56:98:c4:c1:a3:3c:b4:71:34:4f:
f3:3f:94:02:ae:c0:09:85:f9:96:7d:ac:ad:5e:72:
1e:02:dc:7c:3c:45:bf:20:6d:53:f2:68:13:6e:ad:
8b:89:86:8f:d6:7a:f6:cd:f7:6c:b4:39:9a:5d:9e:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B1:EA:B0:21:F2:E9:E8:1A:D6:94:67:0C:21:D3:18:CF:BE:57:93
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/grHqsCHy6ega1pRnDCHTGM--V5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.164.0/22
IPv6:
2a02:ae00:1000::/36
Signature Algorithm: sha256WithRSAEncryption
82:10:ad:89:ea:bc:e6:e9:3c:19:3b:34:c3:4b:74:b4:cf:c6:
7d:9f:e9:c6:32:83:36:42:1b:fe:03:a6:a6:35:21:30:2b:6e:
97:bf:8d:2b:25:d0:24:f9:5d:ff:a3:34:a9:fb:06:12:3f:13:
0c:57:df:d6:99:c4:4d:7f:f1:da:47:22:95:83:2c:6a:f4:12:
7d:50:88:dd:76:2e:9b:55:83:62:0e:5c:5e:f9:62:8e:46:97:
16:ed:9b:4d:f7:ae:63:f4:9b:a4:63:f7:f5:a7:ce:d2:cb:a8:
be:cb:08:6f:f6:44:56:6f:63:ae:32:02:11:43:4c:a6:d1:0b:
09:90:59:90:3f:dc:7e:ed:ab:c1:ee:30:e1:a7:53:df:3a:84:
18:d3:b1:ae:29:a4:0f:ea:6e:d2:71:3a:39:3e:f4:2a:f4:0d:
d5:fe:ae:7e:7f:e2:f9:3b:d8:91:b4:95:b6:c5:7d:25:8e:87:
39:30:06:1d:d5:e5:53:7f:67:00:5f:b4:0c:42:20:0b:30:94:
13:72:ba:69:7c:7a:c8:35:32:88:34:7e:ad:00:c1:00:3a:0e:
b7:6b:aa:9b:d6:7c:77:f3:2e:5d:a5:7a:f6:fb:5f:6f:09:d5:
c4:43:a3:48:92:78:cc:3e:cd:8f:27:1b:79:6b:07:d6:d1:fd:
1b:61:08:bd
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYseJaNGxoDtnQjHu8RXOvK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMxMDExMDk1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIxZWFiMDIxZjJlOWU4MWFkNjk0NjcwYzIxZDMxOGNmYmU1NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6Vyfr8txVw7NnIVjYEdf9B7SWsB
WqKcNW/4SNO1UMAEpW8P6AbtgsHjDrvFOZHqsILoqS2Eon5w4Rq0tZtHephZqWT3
pwpLj+55kGp9k9JdqIlgQ6F7vfLaq5sKIDGwaNdg0nHZovnM2smpZRd/xkOCr5A0
WjDO4zIZTM/JMlAcsvzOBSuslCpQ5n3j1FIdIVzjrubW0ouprcl38udDAuc21f5A
T+bEQdDSifurUTmSGmlyI+nJU8C32+AYEy59/+4EF81guVaYxMGjPLRxNE/zP5QC
rsAJhfmWfaytXnIeAtx8PEW/IG1T8mgTbq2LiYaP1nr2zfdstDmaXZ4tvQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIKx6rAh8unoGtaUZwwh0xjPvleTMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvZ3JIcXNDSHk2ZWdhMXBSbkRDSFRHTS0tVjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCBcekMA4E
AgACMAgDBgQqAq4AEDANBgkqhkiG9w0BAQsFAAOCAQEAghCtieq85uk8GTs0w0t0
tM/GfZ/pxjKDNkIb/gOmpjUhMCtul7+NKyXQJPld/6M0qfsGEj8TDFff1pnETX/x
2kcilYMsavQSfVCI3XYum1WDYg5cXvlijkaXFu2bTfeuY/SbpGP39afO0suovssI
b/ZEVm9jrjICEUNMptELCZBZkD/cfu2rwe4w4adT3zqEGNOxrimkD+pu0nE6OT70
KvQN1f6ufn/i+TvYkbSVtsV9JY6HOTAGHdXlU39nAF+0DEIgCzCUE3K6aXx6yDUy
iDR+rQDBADoOt2uqm9Z8d/MuXaV69vtfbwnVxEOjSJJ4zD7NjycbeWsH1tH9G2EI
vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org